summaryrefslogtreecommitdiff
path: root/src/vpaccess.c
diff options
context:
space:
mode:
authorTobias Klauser <tklauser@distanz.ch>2009-05-23 15:14:45 +0200
committerTobias Klauser <tklauser@distanz.ch>2009-05-24 12:17:09 +0200
commit911aae05b5d3ffd2543333e27cf06778381c7b3c (patch)
tree33330b37bf5ede3156f1a7984f1692073223e454 /src/vpaccess.c
parent04b38c4c173cef3b1b12163f1cf5a9b3cef8cb4a (diff)
New upstream release 15.7a, fixing CVE-2009-014815.7a-1
Diffstat (limited to 'src/vpaccess.c')
-rw-r--r--src/vpaccess.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/vpaccess.c b/src/vpaccess.c
index cb56730..607cee1 100644
--- a/src/vpaccess.c
+++ b/src/vpaccess.c
@@ -30,7 +30,7 @@
DAMAGE.
=========================================================================*/
-/* $Id: vpaccess.c,v 1.2 2000/05/03 22:02:10 petr Exp $ */
+/* $Id: vpaccess.c,v 1.3 2009/04/10 13:39:23 broeker Exp $ */
/* vpaccess - view path version of the access system call */
@@ -49,7 +49,7 @@ vpaccess(char *path, mode_t amode)
if ((returncode = access(path, amode)) == -1 && path[0] != '/') {
vpinit(NULL);
for (i = 1; i < vpndirs; i++) {
- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
if ((returncode = access(buf, amode)) != -1) {
break;
}